The Chapel Hills network is primarily designed to offer 100/1000 UTP Ethernet structure cabling to covered schools needs and to provide more flexibility and safety for staff and student according to their needs. The main idea of the network is to categorize every people that are working on school's machines into groups depending on their needs. There will be 3 different main groups of people that are going to have privileges on the network. IT Team, Students and Staff are going to use primarily schools network. Both groups have different needs and different privileges depending on the group policy that will affect them.
After found all requirements it is time to start implementing the network. We are using VMware as our virtual environment machine to install server's OS, router's OS and user's OS into our computers.
Virtual Machine is a widely-installed operating system for IBM-compatible computers and servers that can host other operating systems in such a way that each operating system behaves as if it were installed on a self-contained computer with its own set of programs and hardware resources.
Get your grade
or your money back
using our Essay Writing Service!
Those are the hardware specifications of our virtual Windows Server 2008.C:\Users\CChrysafis\Desktop\New Bitmap Image (6).bmp
For our project we need 4 different PCs with virtual environment installed on it, 1 for Vyatta router 1 for Ubuntu server, 1 for Windows Server 2008 and the last one for Windows 7 user's pc.
03nd February 2013 - Reading material about Active Directory / DNS
An AD domain controller authenticates and authorizes all users and computers in a Windows domain type network assigning and enforcing security policies for all computers and installing or updating software. Active Directory provides more secure environment for the host and the users of the network and also categorize them into groups to be possible for the administrators to control the users easier and apply the appropriate policies on their accounts.
04th February 2013 - Install Active Directory / DNS / File Server
Group Policy is a feature of the Microsoft Windows family of operating systems that control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications, and users' settings in an Active Directory environment. For chapels Hill purposes we need to create three different groups to categorize our users and apply the appropriate policies on their groups.
Add new roles to Windows Sever. Active Directory, DNS, File Server
A DNS server is any computer registered to join the Domain Name System. A DNS server runs special-purpose networking software, features a public IP address, and contains a database of network names and addresses for other Internet hosts.
CHAPELHILLSERVE is our DNS Server name.
Group Policy Management
3 Different Groups and each one have their own policy.C:\Users\CChrysafis\Desktop\Windows Server 2008-2013-04-19-01-57-31.png
After doing the most important part of our project, it is time to start creating users and add them on their groups. For Chapel Hill purposes we have 3 groups (STUDENTS, IT TEAM, STAFF) and we need to create 30 Student users, 3 Teachers and 2 IT Team for maintenance and troubleshooting purposes.
15th February 2013 - Reading materials about Linux DHCP server
The Dynamic Host Configuration Protocol (DHCP) is a network protocol used to configure devices that are connected to a network (known as hosts) so they can communicate on that network using the Internet Protocol (IP). It involves clients and a server operating in a client-server model.
DHCP automatically assigns IP addresses and other network configuration information such as subnet mask, broadcast address, etc. to computers on a network.
First of all we installed DHCP on Linux Ubuntu, and then using online materials configured the DHCP server to automatically assign Ip addresses to our clients.
apt-get install dhcp3-server
Linux Ubuntu Server Ethernet Settings
20th February 2013 - Reading materials about Vyatta - Configure Vyatta
Vyatta provides a suit of virtual router, virtual firewall and VPN products for Internet Protocol networks and supports both IPv4 and IPv6. The system is based on Debian Linux distribution with networking applications such as Quagga, OpenVPN, and many others. To configure Vyatta we had use linux commands as Vyatta is based on Debian linux and It was easier to use Vyatta than other routers.
Always on Time
Marked to Standard
Eth0 is configured with NAT and provides internet our network.
Eth1 and Eth 2 are configured with Static IPC:\Users\CChrysafis\Desktop\New Bitmap Image (4).bmp
To protect users and especially kids from unauthorised access and inappropriate webpages we had configure Vyatta with squid guard to allows us to use blacklists with squid, and block specific webpages or categories to protect school network better.
You can block a specific webpage or you can use a category that you want to block.
Also you can set the redirect-url so when someone tries to get access to those pages to redirect automatically to a specific webpage.
24th February 2013 - Configure Group Policies
The "Default Domain Policy" is a GPO created during the creation of your Active Directory domain that contains settings that, by default, apply to all computer and user accounts in the domain.
From Group Policy Management you can view or edit you policies.
Each group have different policies because every group of users have different needs.C:\Users\CChrysafis\Desktop\Windows Server 2008-2013-04-20-21-31-52.png
The specific details of how Group Policy is applied by users or computers are somewhat involved. In general, though, Group Policy objects are applied in the order they are encountered starting at the top of the domain and proceeding down through OUs to the computer object. From Group Policy management editor you can add/edit or disable policies for specific group of user or computer.
You can add policies for a specific group of users but also you can create policies for specific group of computers.C:\Users\CChrysafis\Desktop\New Bitmap Image (7).bmp
30th February 2013 - Configure Users PCs / Use Appropriate GUI for Pupils.
Use appropriate Wallpapers to attract kids and help kids focusing/relaxing on their PC's. Also Disable configuration places to stop kids disable or edit any important settings and make the working area friendlier for pupils. Configure desktop with the appropriate shortcuts to help amateur users. Every user has their own storage place with different privileges depending of their group. (Students have a common file with read only privileges and each one their own storage folder on the server with administrative privileges. Additionally, teachers have their own storage folder on the server and a common folder with all the students with administrative privileges.)
StudentsDoc - Folder with Read only privileges.
home - Personal user's folder
C:\Users\CChrysafis\Desktop\New Bitmap Image (8).bmp
Students can't change their wallpapers, windows taskbar or set any screen savers according to group policies.
05th March 2013 -Testing
Use Universities Lap to test the whole network, Test if policies are applied on both teachers and users accounts, if IT team have full access on the server and if Vyatta block specific websites or categories and finally if student can read teacher's folder and use their own storage folder correctly.